Linux Today: Linux News On Internet Time.

CNN: Don't blame Back Orifice for security problems

Sep 29, 1999, 21:41 (6 Talkback[s])
(Other stories by Ann Harrison)

"BackOrifice is a remote administration tool for Microsoft Windows and, as Bruce Schneier, chief technology officer at San Jose-based managed security services firm Counterpane Internet Security Inc. (link below), points out, "one of the coolest hacking tools ever developed..."

"Perfectly respectable programs, like pcAnywhere or Microsoft Systems Management Server [SMS], do the same thing. They allow a network administrator to remotely troubleshoot a computer. If the server is installed on a computer without the knowledge or consent of its owner, the client can effectively "own" the victim's PC..."

"In Unix, an attacker would first have to get root privileges. Not in Windows. There's no such thing as limited privileges or administrator privileges or root privileges. This might have made some sense in the age of isolated desktop computers. But on the Internet, this is absurd."

Complete Story

Related Stories: